【Vulnerability Alert】 CISA Adds 5 New Exploited Vulnerabilities to the KEV Catalog (2025/03/17 - 2025/03/23)
Publish date: 2025-03-26
Update date: 2025-03-26
Source: Ministry of Education Information & Communication Security Contingency Platform
Publication Number | TACERT-ANA-2025032509032828
Publication Time | 2025/03/25 09:31
Incident Type | ANA-Vulnerability Alert
Discovery Time | 2025/03/25 09:26
Impact Level | Low
[Subject] 【Vulnerability Alert】 CISA Adds 5 New Exploited Vulnerabilities to the KEV Catalog (2025/03/17 - 2025/03/23)

[Content] Forwarded from TWCERTCC-200-202503-00000011

[CVE-2025-30066] tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability (CVSS v3.1: 8.6) [Ransomware Exploitation: Unknown]
The tj-actions/changed-files GitHub Action contains embedded malicious code. Remote attackers can discover secrets by reading GitHub Actions workflow logs. These secrets may include, but are not limited to, valid AWS access keys, GitHub personal access tokens (PATs), npm tokens, and RSA private keys.
[Affected Platform] tj-actions changed-files versions prior to 46

[CVE-2025-24472] Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability (CVSS v3.1: 9.8) [Ransomware Exploitation: Yes]
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows remote attackers to gain super administrator privileges via crafted CSF proxy requests.
[Affected Platform] Please refer to the official list of affected versions: https://fortiguard.fortinet.com/psirt/FG-IR-24-535

[CVE-2017-12637] SAP NetWeaver Directory Traversal Vulnerability (CVSS v3.1: 7.5) [Ransomware Exploitation: Unknown]
SAP NetWeaver Application Server Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows remote attackers to read arbitrary files by using .. in the query string.
[Affected Platform] Please refer to the official list of affected versions: https://userapps.support.sap.com/sap/support/knowledge/en/3476549

[CVE-2024-48248] NAKIVO Backup and Replication Absolute Path Traversal Vulnerability (CVSS v3.1: 8.6) [Ransomware Exploitation: Unknown]
NAKIVO Backup and Replication contains an absolute path traversal vulnerability that allows attackers to read arbitrary files.
[Affected Platform] Please refer to the official list of affected versions: https://helpcenter.nakivo.com/Knowledge-Base/Content/Security-Advisory/CVE-2024-48248.htm

[CVE-2025-1316] Edimax IC-7100 IP Camera OS Command Injection Vulnerability (CVSS v3.1: 9.3) [Ransomware Exploitation: Unknown]
The Edimax IC-7100 IP Camera contains an OS command injection vulnerability that allows attackers to execute code remotely via specially crafted requests.
[Affected Platform] Please refer to the official list of affected versions: https://www.edimax.com/edimax/post/post/data/edimax/global/press_releases/4801/

Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Affected Platform] For details, please refer to the affected platform section in the content description.

[Recommended Actions]
[CVE-2025-30066] Upgrade the corresponding product to the following version (or later): tj-actions changed-files 46.0.1
[CVE-2025-24472] The vendor has released a security update to address this vulnerability. Please update to the relevant version: https://fortiguard.fortinet.com/psirt/FG-IR-24-535
[CVE-2017-12637] The vendor has released a security update to address this vulnerability. Please update to the relevant version: https://userapps.support.sap.com/sap/support/knowledge/en/3476549
[CVE-2024-48248] The vendor has released a security update to address this vulnerability. Please update to the relevant version: https://helpcenter.nakivo.com/Knowledge-Base/Content/Security-Advisory/CVE-2024-48248.htm
[CVE-2025-1316] The vendor has released mitigation measures: https://www.edimax.com/edimax/post/post/data/edimax/global/press_releases/4801/

[Reference]
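For the CVE-2025-30066 item, the practical first step is finding every workflow that still references tj-actions/changed-files below the fixed release. The following audit script is an added example, not part of this notification or of the tj-actions project: it scans a workflow file for `uses: tj-actions/changed-files@<ref>` lines and flags version tags below 46.0.1 or mutable refs such as branch names. The workflow text is constructed for illustration; full-length commit SHAs are reported separately because this notification lists no known-good commits, so they must be checked against the vendor advisory by hand.

```python
import re

# Constructed sample workflow for this example; not taken from any real repository.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  diff:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45.0.7
      - uses: tj-actions/changed-files@main
      - uses: tj-actions/changed-files@v46.0.1
      - uses: tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567  # pinned SHA
"""

FIXED_VERSION = (46, 0, 1)  # first fixed release named in the notification
USES_RE = re.compile(r"^\s*-?\s*uses:\s*tj-actions/changed-files@(\S+)", re.M)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def parse_version(ref):
    """Turn a tag such as v45.0.7 or 46 into a comparable tuple, or None.
    Missing components count as 0, so a bare major tag like v46 is treated
    conservatively as 46.0.0 (below the fixed 46.0.1)."""
    m = re.fullmatch(r"v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", ref)
    if not m:
        return None
    return tuple(int(p) if p else 0 for p in m.groups())

def classify_ref(ref):
    """Return a status string for one tj-actions/changed-files ref."""
    if SHA_RE.match(ref):
        # Immutable pin, but the notification names no known-good commit,
        # so this still needs manual confirmation against the vendor advisory.
        return "pinned-sha-verify"
    ver = parse_version(ref)
    if ver is None:
        return "mutable-ref"  # branch name or non-version tag: fix status unknown
    return "ok" if ver >= FIXED_VERSION else "vulnerable"

def audit_workflow(text):
    """Return [(ref, status), ...] for every changed-files step in a workflow."""
    return [(ref, classify_ref(ref)) for ref in USES_RE.findall(text)]

if __name__ == "__main__":
    for ref, status in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{status:18} tj-actions/changed-files@{ref}")
```

Run it over each file under .github/workflows/ in your repositories; anything reported as "vulnerable" or "mutable-ref" should be moved to 46.0.1 or later as the notification recommends.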
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of Education Information & Communication Security Contingency Platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center